PDA

View Full Version : Mac viruses (ooh, scary!)



Atomac
8th June 2007, 10:47 PM
Idiot (http://www.zdnet.com.au/news/software/soa/OpenOffice-worm-hits-Mac-Linux-and-Windows/0,130061733,339278379,00.htm)

Do the anti-virus manufacturers really believe that we are so stupid as to believe their rhetoric?

If the Mac is not virus free then why is it that there are NO Mac viruses, worms etc in the wild.

http://www.zdnet.com.au/news/software/soa/OpenOffice-worm-hits-Mac-Linux-and-Windows/0,130061733,339278379,00.htm

jerrah
8th June 2007, 10:56 PM
Well... Technically we could all have viruses and not know. I have to say that if I DO have viruses on my macs, I certainly haven't noticed any out of the ordinary behavior..

grfxninja
8th June 2007, 11:06 PM
I thought this (http://www.zdnet.com.au/video/soa/Sophos-founder-claims-Apple-Macintosh-viruses-are-spreading/0,2000065477,22171385p,00.htm) was amusing :cool:

ethania05
8th June 2007, 11:09 PM
A: Symantec are really warning mac users about the dangers

B: Symantec want us to buy their products even if there aren't "ANY" viruses on the mac

C: Some mac users like to gloat that OS X is invincible and are too vague to realise that a virus could hit the mac

Currawong
8th June 2007, 11:20 PM
Considering that, if there were viruses in the wild for Macs, each and every one of them would be front-page news all over the Mac news sites, if any exist, they exist only in the labs of anti-virus software developers.

Atomac
8th June 2007, 11:28 PM
C: Some mac users like to gloat that OS X is invincible and are too vague to realise that a virus could hit the mac

There are Mac users who think that the OS is invincible and so far it has proven to be outside of proof of concept. OS X is a HUGE target but so far they haven't hit us.

When they do is when I will start using Clam AV, not before. I wouldn't use Symantec or Sophos products on principle. They are like the guys who you pay or else there might be a nasty accident. I don't like extortionists

John C. Dvorak is a Microsoft lackey....

sideshow
8th June 2007, 11:28 PM
I believe this is just another case of scare mongering by antivirus software developers to sell their product...

danielvh
9th June 2007, 12:58 AM
I managed to get a virus on my mac! Admittedly, it couldn't do anything to my computer but it did end up spreading to my windows pc when I sent a word doc through the network.

Got it from a friend of mine who has a macbook (he has no idea how he got it). It's the W97 (or something) virus that affects word documents. Pretty nasty for PC users. Removed it all with ClamXav and mac is now virus-free.

So while there may be no viruses that can harm macs you sure as hell can get a virus and then pass it on to windows users. I would consider it common courtesy to ensure that you're at least scanning any files you email/give to windows users.

Speaking of that, are there any lightweight* mac virus-scanners that will automatically scan incoming and outgoing files? Not something bloaty like Norton but more something like what AVG is on windows.

Devil
9th June 2007, 07:07 AM
Anybody hear of Tall Poppy syndrome?

Guess what. We (macs) are the tallest poppy in the field. If somebody could get a virus out there and somehow get the notoriety but not get arrested, they would.

Dont believe the BS of 'there aren't enough Macs out there to make it worthwhile'

If it happens, it won't just be on the front page of Mac related websites, it will hit the news headlines all over the world.

bullrout
9th June 2007, 08:28 AM
Please correct me if I am wrong.

There is not a virus in the wild = no need for virus protection.

If a new virus appears the anti-virus software won't detect it anyway because it's new.

speedway boy
9th June 2007, 08:37 AM
Yeah the argument that because there is such a small mac number compared to pc so virus builders don't bother just doesn't stack up at all.

Small towns have crime as well.

Also, because of the fact that barely anyone with a mac has virus software how big would the hit be if someone was successful? With that motivation someone somewhere is trying. I really think its bizzare that people would suggest that not one person in the millions who own a mac is not trying to do something. Obviously then it is pretty secure. Cause I aint seen nothing...

EXCEPT......


whats with my firefox or safari now randomly closing down and bringing up a warning message saying I should download a anti wom/virus program. (Of various names). Now a quick google has said that this is dodge.

But is this something I should wory about? What is it doing? Or is it just a crap pop up from dodgy companies.

Squozen
9th June 2007, 09:18 AM
I managed to get a virus on my mac! Admittedly, it couldn't do anything to my computer but it did end up spreading to my windows pc when I sent a word doc through the network.

Got it from a friend of mine who has a macbook (he has no idea how he got it). It's the W97 (or something) virus that affects word documents. Pretty nasty for PC users. Removed it all with ClamXav and mac is now virus-free.

So while there may be no viruses that can harm macs you sure as hell can get a virus and then pass it on to windows users. I would consider it common courtesy to ensure that you're at least scanning any files you email/give to windows users.

Speaking of that, are there any lightweight* mac virus-scanners that will automatically scan incoming and outgoing files? Not something bloaty like Norton but more something like what AVG is on windows.

You didn't 'get' a virus. You were given a file that already contained a macro virus and passed it on to the Windows machine. I believe it's the Windows users responsibility to keep their machine safe, not yours. I refuse to slow my machine down to protect Windows from itself.

A script to add ClamXAV scanning to Apple Mail is here: http://scriptbuilders.net/files/clamavscan1.0.html

Squozen
9th June 2007, 09:19 AM
whats with my firefox or safari now randomly closing down and bringing up a warning message saying I should download a anti wom/virus program. (Of various names). Now a quick google has said that this is dodge.

But is this something I should wory about? What is it doing? Or is it just a crap pop up from dodgy companies.

It's a crap Javascript popup commonly seen on porn and warez sites. You can disable it by turning Javascript off.

Currawong
9th June 2007, 09:47 AM
Please correct me if I am wrong.

There is not a virus in the wild = no need for virus protection.

If a new virus appears the anti-virus software won't detect it anyway because it's new.

Virus detection programs also scan for software or scripts that attempt to do certain things to the system and prevent them.

As was pointed out though, even if a PC virus can't affect you, it can still be passed on through a Mac.

bullrout
9th June 2007, 09:50 AM
Virus detection programs also scan for software or scripts that attempt to do certain things to the system and prevent them.

As was pointed out though, even if a PC virus can't affect you, it can still be passed on through a Mac.

Thanks.

Damian
9th June 2007, 10:37 AM
A few things to consider:

1. There are Word Macro viruses that can infect Word on Macs - really a Microsoft issue. Does not effect OS X itself or any non-MS software.

2. There are fundamental differences in the undelying design of OS X (and Unix in general) that makes it much harder to get a virus to infect and propogate. Vista does appear to have better security (via the UAC) but time will tell if it really works.

3. I have supported 200+ Macs for 3 years and have never seen anything except a Word macro virus.

4. The argument about relative numbers is suspect. Take the situation with web servers - consider Apache vs MS IIS. See: http://news.netcraft.com/archives/web_server_survey.html
Apache has had a much higher share (60+ to 30% with IIS) since 1997. Over that time there have been far more problems with IIS than Apache. So, the numbers argument is suspect at best.

5. Consider the ethics of this site: http://www.securityfocus.com/bid
Want a security hole, any hole, with exploit examples? - It is here.
And who owns Securityfocus? Symantec. See: http://www.securityfocus.com/contact

Yes, they are providing a service publicizing vulnerabilities but they also sell the antidote.

Good or bad?

sendai
9th June 2007, 10:43 AM
If a new virus appears the anti-virus software won't detect it anyway because it's new.One of the ways that anti-virus software slows down your computer is by constantly running heuristic virus-detectors. They look at what programs are doing, how they are doing it and compare it against a database of known 'normal' behaviour. If they spot something outside of the norm, they attempt to halt it, and flag for your attention.

The technique has worked, has detected previously unknown viruses, but overall, they are generally a step behind the viruses themselves.

Anyhow, I think the Sophos guy may be talking about Mac rootkits (http://en.wikipedia.org/wiki/Rootkit), which exist in the wild, and are actively being used against macs...

sanjay
10th June 2007, 12:58 AM
its a similar case to the douchebags (trend micro, mcafee, etc) trying to sell you antivirus programs for your Palm, Windows Mobile, Symbian OS Phone, and Linux.

unfortunately, unlike with those four categories of technology, far more noobs own macs (and who can blame them) and will be suckered into the hype.

not that id expect anyone on mactalk to be :)

forgie
10th June 2007, 01:08 AM
Anyhow, I think the Sophos guy may be talking about Mac rootkits (http://en.wikipedia.org/wiki/Rootkit), which exist in the wild, and are actively being used against macs...
Can you back that statement up with anything? I know that rootkits exist (or did in 2004-5), but a rootkit that requires admin permissions to install is.... not that scary. It would be virtually impossible to have a modern OS that was invulnerable to rootkits, not with the amount of flexibility that general purpose OSes have. Do you have any evidence of anyone actually using an OSX rootkit for attacks "in the wild"? How exactly would they install said rootkits?

Anyway, someone from a security company cannot reasonably mistake a virus for a rootkit, which makes this guy a lying, manipulative asshole, trying to make a buck by spreading FUD.

bljpoad
27th July 2007, 12:45 PM
John C. Dvorak is a Microsoft lackey....

Then this (http://www.pcmag.com/article2/0,1895,2162397,00.asp) article on ZDnet (found via digg) makes for some very interesting reading!
- Berwyck

thorevenge
27th July 2007, 12:58 PM
And a rootkit that can obtain escalated privileges on OS X (Darwin) can probably be used on any other *nix based OS - thus once again not making it Mac specific.

Atomac
27th July 2007, 01:54 PM
Yeah, this is all over the blogs.

You'll note that he is very reserved in his recommendations.

Perhaps he has seen the light...or the cheques stopped.

Disko
27th July 2007, 01:57 PM
or the cheques stopped.
Or he's fishing for a payrise.

happyfeet
2nd August 2007, 11:56 AM
A few things to consider:

1. There are Word Macro viruses that can infect Word on Macs - really a Microsoft issue. Does not effect OS X itself or any non-MS software.

Good or bad?

I got a word doc from a friend and then forward it to a PC user, who suffer a lot as the word doc contains nasty virus (installed a trojan in his windows machine). This really makes me feel guilty. I open this file as well although I did not notice any change. Now I got the following questions.
1) How can I make sure my other word docs are not affected by this virus?
2) If they are affected, are there any ways to remove word doc virus on mac? I am using MS Word 2004 for Mac.

BTW, I asked the friend who originally sent my the doc. He said he scanned this doc using anti-virus (nothing is found, weird) and he was not affected (He is using MS word 2003). The guy hit by the virus is using an old version (word 2002).

Thanks!

Disko
2nd August 2007, 12:00 PM
IThis really makes me feel guilty.
Maybe, but it is your PC using friend's responsibility to protect his computer from viruses, not yours.

happyfeet
2nd August 2007, 12:18 PM
Maybe, but it is your PC using friend's responsibility to protect his computer from viruses, not yours.

Thanks. Yes, you can say that but I am now a bit hesitated to send word doc to other people unless I am totally sure what I am doing. It is a dilemma. I did not use MS Word that often but other people do, which force me to install MS Word for MAC as open office still cannot do a decent job to hand Word Doc:(

happyfeet
2nd August 2007, 12:21 PM
Who said the Word doc was infected anyway?
The guy using Word 2002, actually I was wondering whether this word doc contains any virus. It passed yahoo online virus scan as well. But the guy did suffer, he is sitting next to me.

gelfie
2nd August 2007, 12:25 PM
Damn straight! Let PC users look after their own. Viruses are their problem, not ours. One of the perks of our platform.

happyfeet
2nd August 2007, 02:34 PM
Sounds like a coincidence to me.

Yes it might be the guy got his virus before getting my doc. I just scanned the doc again without any alert. I guess I can just forget it for now and assume my MAC is virus-free.:)

Thanks for your replies